Hi Martín, On Tuesday, December 04, 2001, 5:17:29 PM, you babbled something about:
>> MM> I have a question for the people of RH. Why is the default >> configuration of MM> sendmail in RH 7.2 (and I was told in 7.1 too) is to >> only listen to the MM> loopback device, and not to the ethernets? >> >> I think it is a great idea. Much fewer open relays from default installs. >> Now if only Exchange and Domino would do this, there would be a lot less >> spam. MM> In that case, why not keep blocking with the NO-RELEY, and add the relay MM> hosts to /etc/mail/relay-domains? I've found it easier. Situation - Webserver with outgoing mail only (from scripts) Procedure - Do nothing and sendmail doesn't even listen on the outside ports giving added security Situation - Masq/NAT gateway Procedure - edit sendmail.cf (without m4) and add a line similar to the 127.0.0.1 line for <your.internal.ip.address> and it will work for all internal mail (and out to the net) and not listen on external interface, again adding security. (Obviously there is a firewall as well, but the less there is listening the better.) Situation - Pure Mail server Procedure - Either comment out the line, or (better) rebuild the sendmail.mc and use m4 to process it. Since I usually do this anyway with a pure mail server, it hasn't inconvenienced me yet. But it will always depend on your needs. But if your needs are different, it could of course cause you more grief. I would find your alternative to be more work. <snip> MM> I'm not the person who had the problem, but I am at this moment downloading MM> sendmail-8.11.6 and would like to know 2 things: MM> 1) Those this sendmail have the default configuration described before? It should. MM> 2) One of the machines I'll update is and old RH which happens to have only MM> one package of sendmail, and now there are 3 (the package, the -cf and the MM> doc). Which are mandatory? I can't say for certain, but you only need the "doc" if you want the documentation installed. And you only need the "cf" package if you are going to rebuild using m4. I don't remember if they were all combined in one on the older versions. Have fun, -- _________________________________________________________________ Brian Ashe CTO [EMAIL PROTECTED] Dee-Web Software Services, LLC. http://www.dee-web.com/ ----------------------------------------------------------------- You don't have to swim faster than the shark... You just have to swim faster than the people you're with. _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
